b'           OFFICE OF\n    THE INSPECTOR GENERAL\n\n\nSOCIAL SECURITY ADMINISTRATION\n\n\n\n  PERFORMANCE INDICATOR AUDIT:\n       IMPROPER PAYMENTS\n\n\n   August 2007     A-15-07-17128\n\n\n\n\nAUDIT REPORT\n\x0c                                    Mission\nBy conducting independent and objective audits, evaluations and investigations,\nwe inspire public confidence in the integrity and security of SSA\xe2\x80\x99s programs and\noperations and protect them against fraud, waste and abuse. We provide timely,\nuseful and reliable information and advice to Administration officials, Congress\nand the public.\n\n                                   Authority\nThe Inspector General Act created independent audit and investigative units,\ncalled the Office of Inspector General (OIG). The mission of the OIG, as spelled\nout in the Act, is to:\n\n  \xef\x81\xad Conduct and supervise independent and objective audits and\n    investigations relating to agency programs and operations.\n  \xef\x81\xad Promote economy, effectiveness, and efficiency within the agency.\n  \xef\x81\xad Prevent and detect fraud, waste, and abuse in agency programs and\n    operations.\n  \xef\x81\xad Review and make recommendations regarding existing and proposed\n    legislation and regulations relating to agency programs and operations.\n  \xef\x81\xad Keep the agency head and the Congress fully and currently informed of\n    problems in agency programs and operations.\n\n  To ensure objectivity, the IG Act empowers the IG with:\n\n  \xef\x81\xad Independence to determine what reviews to perform.\n  \xef\x81\xad Access to all information necessary for the reviews.\n  \xef\x81\xad Authority to publish findings and recommendations based on the reviews.\n\n                                     Vision\nWe strive for continual improvement in SSA\xe2\x80\x99s programs, operations and\nmanagement by proactively seeking new ways to prevent and deter fraud, waste\nand abuse. We commit to integrity and excellence by supporting an environment\nthat provides a valuable public service while encouraging employee development\nand retention and fostering diversity and innovation.\n\x0c                                        SOCIAL SECURITY\n\nMEMORANDUM\nDate:      August 31, 2007                                                       Refer To:\n\nTo:        The Commissioner\n\nFrom:      Inspector General\n\nSubject:   Performance Indicator Audit: Improper Payments (A-15-07-17128)\n\n\n           We contracted with PricewaterhouseCoopers, LLP (PwC) to evaluate 13 of the Social\n           Security Administration\xe2\x80\x99s (SSA) performance indicators established to comply with the\n           Government Performance and Results Act. Attached is the final report presenting the\n           results of one of the performance indicators PwC reviewed. For the performance\n           indicator included in this audit, PwC\xe2\x80\x99s objectives were to:\n              \xe2\x80\xa2   Assess the effectiveness of internal controls and test critical controls over data\n                  generation, calculation, and reporting processes for the specific performance\n                  indicator.\n              \xe2\x80\xa2   Assess the overall reliability of the performance indicator\xe2\x80\x99s computer processed\n                  data. Data are reliable when they are complete, accurate, consistent and not\n                  subject to inappropriate alteration.\n              \xe2\x80\xa2   Test the accuracy of results presented and disclosed in SSA\xe2\x80\x99s Fiscal Year 2006\n                  Performance and Accountability Report.\n              \xe2\x80\xa2   Assess if the performance indicator provides a meaningful measurement of the\n                  program it measures and the achievement of its stated objective.\n\n           This report contains the results of the audit for the following indicators:\n\n              \xe2\x80\xa2   Percent of Old-Age, Survivors and Disability Insurance payments free of\n                  overpayment and underpayment.\n\n           Please provide within 60 days a corrective action plan that addresses each\n           recommendation. If you wish to discuss the final report, please call me or have your\n           staff contact Steven L. Schaeffer, Assistant Inspector General for Audit, at\n           (410) 965-9700.\n\n\n\n\n                                                                 Patrick P. O\xe2\x80\x99Carroll, Jr.\n           Attachment\n\x0cMEMORANDUM\n\nDate:      August 23, 2007\n\nTo:        Inspector General\n\nFrom:      PricewaterhouseCoopers, LLP\n\nSubject:   Performance Indicator Audit: Improper Payments (A-15-07-17128)\n\n\nOBJECTIVE\nThe Government Performance and Results Act (GPRA) 1 of 1993 requires the Social\nSecurity Administration (SSA) to develop performance indicators that assess the\nrelevant service levels and outcomes of each program activity. 2 GPRA also calls for a\ndescription of the means employed to verify and validate the measured values used to\nreport on program performance. 3\n\nOur audit was conducted in accordance with generally accepted government auditing\nstandards for performance audits. For the performance indicator included in this audit,\nour objectives were to:\n\n           1. Assess the effectiveness of internal controls and test critical controls over the\n              data generation, calculation, and reporting processes for the specific\n              performance indicator.\n\n           2. Assess the overall reliability of the performance indicator\xe2\x80\x99s computer\n              processed data. Data are reliable when they are complete, accurate,\n              consistent and not subject to inappropriate alteration. 4\n\n           3. Test the accuracy of results presented and disclosed in SSA\xe2\x80\x99s Fiscal Year\n              (FY) 2006 Performance and Accountability Report (PAR).\n\n           4. Assess if the performance indicator provides a meaningful measurement of\n              the program it measures and the achievement of its stated objective.\n\n\n1\n Public Law Number 103-62, 107 Stat. 285 (codified as amended in scattered sections of 5 United States\nCode (U.S.C.), 31 U.S.C. and 39 U.S.C.).\n2\n    31 U.S.C. \xc2\xa7 1115(a)(4).\n3\n    31 U.S.C. \xc2\xa7 1115(a)(6).\n4\n Government Accountability Office (GAO), GAO-03-273G, Assessing Reliability of Computer Processed\nData, October 2002, p. 3.\n\n\nPerformance Indicator Audit: Improper Payments (A-15-07-17128)                                       1\n\x0cBACKGROUND\nWe audited the following performance indicator as stated in the SSA FY 2006 PAR:\n\nPerformance            Goal                                       Reported Results 5\nIndicator\n\nPercent of Old-        FY 2005                                    FY 2005 Actual6\nAge, Survivors,        Overpayment accuracy: 99.8%                Overpayment accuracy: 99.6%\nand Disability\nInsurance              Underpayment accuracy: 99.8%               Underpayment accuracy: 99.8%\n(OASDI)\npayments free          FY 2006                                    FY 2006 Actual7\nof overpayment         Overpayment accuracy: 99.8%                Overpayment accuracy: Not\n(O/P) and                                                         Available\nunderpayment           Underpayment accuracy: 99.8%\n(U/P) *                                                           Underpayment accuracy: Not\n                                                                  Available\n* The performance indicator calculation does not include unavoidable overpayments and underpayments\nthat may result from legal or policy requirements.\n\nThe OASDI Program, authorized by Title II of the Social Security Act, provides income\nfor eligible workers, eligible members of their families and survivors, eligible workers\nwho have qualifying disabilities and for eligible members of their families before those\nworkers reach retirement age. Individuals (or qualifying survivors) may become entitled\nunder OASDI programs based on the individual\'s taxable earnings during his or her\nlifetime. In addition, to qualify for DI, a worker must have a physical or mental\nimpairment that prevents them from performing gainful work with earnings above a\ncertain monthly amount. 8 SSA has stated that OASDI benefit payments have an\nincreased risk of overpayments due to: substantial gainful activity not reported timely to\nSSA, computation errors in reporting of additional earnings, annual earnings test, and\nrelationship/dependency (e.g., unreported marriage, not having child-in-care, and\nstudents not in full-time attendance). In addition, SSA has stated that OASDI benefit\npayments have an increased risk of underpayments due to: computation errors in\nreporting of additional earnings, incorrect reporting of age/date of birth, workers\'\ncompensation not reported timely to SSA, and wages/self-employment income not\nposted correctly. "While the improper payment rate in the OASDI program is very low,\n5\n    SSA\'s FY 2006 Performance and Accountability Report, p. 95.\n6\n The FY 2005 final data for the indicator was not available in time for the publication of the FY 2005 PAR.\nTherefore, the final FY 2005 results were reported in the FY 2006 PAR.\n7\n  The performance data presented for FY 2005 is an actual. Per SSA\xe2\x80\x99s FY 2006 PAR, final data will be\nreported in the FY 2007 PAR.\n8\n    The Social Security Act, \xc2\xa7\xc2\xa7 201-234, 42 U.S.C. \xc2\xa7\xc2\xa7 401-434.\n\n\nPerformance Indicator Audit: Improper Payments (A-15-07-17128)                                           2\n\x0cSSA\'s annual outlays are so large that even small percentages of payment error can\nmean millions of dollars paid incorrectly. Accordingly, SSA seeks continuous\nimprovement in its process to minimize improper payments." 9 The establishment of the\nOffice of Quality Performance (OQP) assists with this effort.\n\nOQP conducts reviews (known as Stewardship reviews) to measure the quality and\naccuracy of recurring benefit payments provided by SSA. These reviews continue to be\nthe primary measure of quality for Agency performance and provide the basis for\nreports to Congress and other monitoring authorities. OQP randomly selects OASDI\nbeneficiaries each month to participate in the review. The Office of Assistance and\nInsurance Program Quality (OAIPQ), or regional OQP offices, receive the sample\nparticipants\xe2\x80\x99 information from Headquarters OQP, schedule and conduct interviews with\nthe beneficiary if necessary, and determine whether there has been an over or\nunderpayment based on changes to non-medical factors of eligibility. The results of the\nreview are entered into the Retirement and Survivors Insurance (RSI) Modernized\nAssessment System (RMAS). See Appendix C for a workflow and description of the\nreview process. OQP calculates the performance indicator results based on the\noutcome of the Stewardship reviews.\n\nThe performance indicator is calculated in the following manner:\n\n                                                          * Total Weighted Overpayment\nPercent of OASDI payments free of                                     Dollars\noverpayment (O/P)                                =          Total Weighted Dollars Paid\n\n                                                       * This percentage is subtracted from 100\n                                                       percent to attain the accuracy rate\n\n\n\n                                                         * Total Weighted Underpayment\nPercent of OASDI payments free of                                    Dollars\nunderpayment (U/P)                               =         Total Weighted Dollars Paid\n\n                                                       * This percentage is subtracted from 100\n                                                       percent to attain the accuracy rate\n\n\n\nFor FY 2005, the OASDI Payment Accuracy (Stewardship) Report noted that OASDI\nStewardship reviews were completed on 1,528 cases, with an overpayment accuracy\nrate of 99.6 percent and an underpayment accuracy rate of 99.8 percent. 10 The\n\n\n\n9\n    SSA\'s FY 2006 Performance and Accountability Report, pp. 206-207.\n10\n     SSA\'s FY 2005 Title II Payment Accuracy (Stewardship) Report, p. 1.\n\n\nPerformance Indicator Audit: Improper Payments (A-15-07-17128)                                    3\n\x0cFY 2005 overpayment and underpayment accuracy results were presented as actual\nresults in the FY 2006 PAR. The actual results for FY 2006 will be reported in the\nFY 2007 PAR. SSA management continued to use the FY 2005 goal as the goal for\nFY 2006 indicator.\n\nThe payment accuracy rate performance indicator percentage is derived from sampled\ncases and does not generally equal the true accuracy rates for all payments.\nAccordingly, SSA calculates the precision, or margin of error, for each of the accuracy\nrate percentages. The margin of error is not used in the calculation of the payment\naccuracy rate indicator. Rather, the margin of error provides a range of values that are\nexpected to contain the true population accuracy rate with some level of confidence.\nAppendix D provides more information on SSA\xe2\x80\x99s methodology for calculating the margin\nof error.\n\nRESULTS OF REVIEW\nOur assessment of the indicator included in this report did not identify any significant\nexceptions related to the meaningfulness of the indicator, the accuracy of presentation,\nor disclosure of information related to the indicator in the FY 2006 PAR. We were able\nto recalculate the indicator results and found them to be accurate.\n\nHowever, our assessment did identify issues with internal controls and data reliability.\nWe noted that two SSA OAIPQ programmers had direct data access that would allow\nthem to update production performance indicator data.\n\nInternal Controls and Data Reliability\n\nTwo members of OAIPQ\xe2\x80\x99s programming personnel had the "All" access designation\n(within the Top Secret security software) to RMAS datasets used to calculate the\nindicator results. This level of access allows users to create, delete and modify any of\nthe data (or datasets) contained within the datasets we reviewed. Therefore, the data\nused to calculate the performance indicator could be inappropriately modified and could\nimpact the results of this performance indicator. This level of access prevents SSA from\nensuring the integrity of this production data. By allowing programming personnel to\nhave the "All" access designation, SSA is not conforming to Office of Management and\nBudget Circular A-130, Management of Federal Information Resources, Appendix III,\nSecurity of Federal Automated Information Resources, principles of "least privileged\naccess" or segregation of duties. 11 Therefore, the data cannot be considered reliable\nsince the access control issue created the potential for inappropriate alteration. It\nshould be noted that SSA management removed the programmers\' update access to\nRMAS during September 2006.\n\n\n11\n   SSA is currently implementing the Standardized Security Profile Project to address the principle of\n\xe2\x80\x9cleast privileged access\xe2\x80\x9d for users with access to mainframe datasets.\n\n\nPerformance Indicator Audit: Improper Payments (A-15-07-17128)                                           4\n\x0cCONCLUSION AND RECOMMENDATIONS\nWe recommend SSA:\n\n   1. Continue to restrict access to personnel who should not have the ability to\n      directly modify, create or delete the datasets used to calculate indicator results.\n\nAGENCY COMMENTS\nThe Agency agreed with our recommendation. The Agency\xe2\x80\x99s comments are included in\nAppendix E.\n\n\n\n\nPerformance Indicator Audit: Improper Payments (A-15-07-17128)                              5\n\x0c                                          Appendices\nAPPENDIX A \xe2\x80\x93 Acronyms\n\nAPPENDIX B \xe2\x80\x93 Scope and Methodology\n\nAPPENDIX C \xe2\x80\x93 Process Flowcharts\n\nAPPENDIX D \xe2\x80\x93 Statistical Methodology\n\nAPPENDIX E \xe2\x80\x93 Agency Comments\n\n\n\n\nPerformance Indicator Audit: Improper Payments (A-15-07-17128)\n\x0c                                                                   Appendix A\nAcronyms\nCO                    Central Office\nCR                    Consistency Review\nDEQY                  Detailed Earnings Query\nDI                    Disability Insurance\nFO                    Field Office\nFY                    Fiscal Year\nGAO                   Government Accountability Office\nGPRA                  Government Performance and Results Act\nMBR                   Master Beneficiary Record\nOAIPQ                 Office of Assistance and Insurance Program Quality\nOASDI                 Old-Age, Survivors and Disability Insurance\nODISP                 Office of Disability and Income Security Program\nOQP                   Office of Quality Performance\nO/P                   Overpayment\nORSIS                 Office of Retirement and Survivors Insurance System\nOSM                   Office of Strategic Management\nOSSAS                 Office of Statistics and Special Area Studies\nPAR                   Performance and Accountability Report\nPSC                   Program Service Center\nPwC                   PricewaterhouseCoopers, LLP\nRETAP                 Regular Transcript Attainment and Selection Pass\nRMAS                  RSI Modernized Assessment System\nRSI                   Retirement and Survivors Insurance\nSSA                   Social Security Administration\nU/P                   Underpayment\n\n\n\n\nPerformance Indicator Audit: Improper Payments (A-15-07-17128)\n\x0c                                                                      Appendix B\nScope and Methodology\nWe updated our understanding of the Social Security Administration\xe2\x80\x99s (SSA)\nGovernment Performance and Results Act (GPRA) processes. This was completed\nthrough research and questions to SSA management. We also requested SSA to\nprovide various documents regarding the specific programs being measured as well as\nthe specific measurement used to assess the effectiveness and efficiency of the related\nprogram.\n\nThrough inquiry, observation, and other substantive testing, including testing of source\ndocumentation, we performed the following:\n\n   \xe2\x80\xa2   Reviewed prior SSA, Office of the Inspector General and other reports related to\n       SSA\xe2\x80\x99s GPRA performance and related information systems.\n   \xe2\x80\xa2   Reviewed applicable laws, regulations and SSA policy.\n   \xe2\x80\xa2   Met with the appropriate SSA personnel to confirm our understanding of the\n       performance indicator.\n   \xe2\x80\xa2   Flowcharted the process. (See Appendix C).\n   \xe2\x80\xa2   Tested key controls related to manual or basic computerized processes (e.g.,\n       spreadsheets, databases, etc.).\n   \xe2\x80\xa2   Conducted and evaluated tests of the automated and manual controls within and\n       surrounding each of the critical applications to determine whether the tested\n       controls were adequate to provide and maintain reliable data to be used when\n       measuring the specific indicator.\n   \xe2\x80\xa2   Identified attributes, rules, and assumptions for each defined data element or\n       source document.\n   \xe2\x80\xa2   Recalculated the metric or algorithm of the performance indicator to ensure\n       mathematical accuracy.\n   \xe2\x80\xa2   We assessed the completeness and accuracy of the data to determine the data\'s\n       reliability as it pertains to the objectives of the audit.\n\nAs part of this audit, we documented our understanding, as conveyed to us by Agency\npersonnel, of the alignment of the Agency\xe2\x80\x99s mission, goals, objectives, processes, and\nrelated performance indicators. We analyzed how these processes interacted with\nrelated processes within SSA and the existing measurement systems. Our\nunderstanding of the Agency\xe2\x80\x99s mission, goals, objectives, and processes were used to\ndetermine if the performance indicator appeared to be valid and appropriate given our\nunderstanding of SSA\xe2\x80\x99s mission, goals, objectives and processes.\n\n\n\nPerformance Indicator Audit: Improper Payments (A-15-07-17128)                          B-1\n\x0cWe followed all performance audit standards in accordance with generally accepted\ngovernment auditing standards.\n\nIn addition to these steps, we specifically performed the following to test the indicator\nincluded in this report:\n\n   \xe2\x80\xa2   Interviewed personnel in the Office of Quality Performance (OQP).\n   \xe2\x80\xa2   Assessed the sample selection methodology for Old-Age, Survivors and\n       Disability Insurance (OASDI) Stewardship case files.\n   \xe2\x80\xa2   Reviewed a sample of OASDI Stewardship cases and determined if the review\n       was in compliance with OQP policies and procedures.\n   \xe2\x80\xa2   Reviewed the process for controlling access to the datasets storing the indicator\n       data and tested the appropriateness of the access privileges granted to the\n       datasets for a selection of SSA personnel.\n   \xe2\x80\xa2   Reviewed the weights applied to the sample size and universe.\n   \xe2\x80\xa2   Re-performed the calculation of the payment accuracy rate, including case\n       weights, for overpayment and underpayments.\n\n\n\n\nPerformance Indicator Audit: Improper Payments (A-15-07-17128)                          B-2\n\x0c                                                                                                                                                                      Appendix C\nFlowchart of OASDI Payment Accuracy\n                                         The Office of Retirement                                               Retirement Survivors\n                                         and Survivors Insurance                                                Disability Modernized\n                                                                              Office of Statistics and\n                                          Systems (ORSIS) uses                                                  Assessment System\n                                                                               Special Area Studies\n         Annual selection                   Regular Transcript                                                 (RMAS) selects cases                      Electronic Notification\n                                                                             (OSSAS) maintains Field\n                                        Attainment Selection Pass                                                 based on cluster\n                                                                              Office (FO) cluster file\n                                        (RETAP) program to select                                              indicator and eligibility\n                                           1 of every 500 cases                                                         criteria\n\n\n\n\n       The Office of Assurance\n            and Insurance\n        Performance Quality\n       (OAIPQ) requests claim\n        folders from Program\n        Service Center (PSC)\n\n\n\n\n      OAIPQ gathers queries:\n        Numident, Summary\n      Earning Record (SEQY),                                                                                 OAIPQ reviewer                              Is case\n                                           OAIPQ receives                OAIPQ creates                                                                                                    OAIPQ\n     Detailed Earnings Record                                                                            completes SSA-2930/31                        selected for\n                                          folder and begins            review folder with all                                                                               Yes        schedules in-\n          (DEQY), Master                                                                                  forms and recalculates                      face-to-face\n                                             desk review                  documentation                                                                                               person interview\n     Beneficiary Record (MBR),                                                                               benefit payment                           interview?\n      and Full Claims Earnings\n          Record (FCER)\n\n                                                                                                                                                          No\n\n\n\n\n                                                                                                                                                                                    Reviewer compares\n                                                                                                                                                 OAIPQ contacts\n                                                                                                                                                                                      information from\n                                                                                                                                               beneficiary by phone\n                                                                                                                                                                                   beneficiary to the SSA-\n                                                                                                                                                  (approx. 75%)\n                                                                                                                                                                                         2930 form.\n\n\n\n\n                                                                                        No\n\n\n\n   Does OAIPQ                                           Does OQC\n                             OAIPQ updates\n    identify any       No                               identify any\n                                 RMAS\n  discrepancies?                                      discrepancies?\n                                                                                                   OAIPQ return\n                                                                                                                                    Updated RMAS\n                                                                                                  case file to PSC\n\n       Yes\n\n      OAIPQ                       Yes\n    completes\n                                                                                                                                                                        OAIPQ keeps\n      benefit                                                            No                                                      Operating            Operations                              OAIPQ retains\n                                                                                                                                                                        review folders\n    calculation                                                                                                                 component             ensures the                             SSA-8538 for\n                                                                                                                                                                          18 months\n    worksheet                                                                                     Does PSC rebut                 performs              correction                              5 years and\n                                                                                                                        No                                              after database\n                                                                                                     findings?                   corrective            was made                                disposes of\n                                                                                                                                                                          close or 12\n                                                                                                                               action within           within 20                                  case\n                                                                                                                                                                         months after\n                                                                                                                                  20 days                days                                      file\n                                                                                                                                                                             report\n     OAIPQ                                                                                               Yes                        Yes\n calculates over/\n under payment\n                                                                                                       PSC and\n                                                                                                   OAIPQ resolve             Corrected action\n                                                                                                                                                                       No\n                                                                                                   differences and              required?\n                                                                                                    update RMAS\n      OAIPQ\n    documents                OQC performs\n                                                        Does OQC identify                                                                                                                     Updated RMAS\n   discrepancies              consistency\n                                                        any discrepancies?\n  on SSA-93 and                 review\n  updates RMAS\n\n\n                                                               Yes\n\n\n                                                          OQC notifies\n                                                                                   OAIPQ updates\n                                                         OAIPQ of review\n                                                                                       RMAS\n                                                             errors\n\n\n\n\n                                                                                                                OQP creates\n                               Office of Quality                                   OQP calculates the\n                                                       OQP weights cases                                         Fiscal Year               OQP reports results\n                             Performance (OQP)                                          accuracy                                                                         OSM publishes GPRA results\n                                                       to sample size and                                       Stewardship                to Office of Strategic\n                              extracts accuracy                                    percentage for O/P                                                                              in PAR\n                                                            universe                                               Reports                 Management (OSM)\n                              data from RMAS                                             & U/P\n\n\n\n\nPerformance Indicator Audit: Improper Payments (A-15-07-17128)                                                                                                                                                C-1\n\x0cFlowchart of OASDI Payment Accuracy - Narrative\n   \xe2\x80\xa2   The Office of Retirement and Survivors Insurance Systems (ORSIS) uses the\n       Regular Transcript Attainment and Selection Pass (RETAP) program to select\n       1 of every 500 cases eligible for selection from the Master Beneficiary Record\n       (MBR) so the input file is a manageable size. The sample is selected monthly,\n       usually on Friday, from cases in pay status on the current MBR. This will result\n       in the sample size of 500 Disability Insurance (DI) and 1,000 Retirement and\n       Survivors Insurance (RSI) cases.\n   \xe2\x80\xa2   Office of Statistics and Special Area Studies (OSSAS) updates Field Office (FO)\n       cluster to identify those FOs that are eligible for sample selection.\n   \xe2\x80\xa2   RSI Modernized Assessment System (RMAS) transmits support materials and\n       lists of cases electronically to the Office of Assistance and Insurance Program\n       Quality Branch (OAIPQ) and Central Office (CO).\n   \xe2\x80\xa2   OAIPQ requests claim folders from the Program Service Center (PSC), gathers\n       queries, e.g., MBR, Numident, Detailed Earnings Query (DEQY).\n   \xe2\x80\xa2   Upon receipt of the claim folders, OAIPQ will perform a desk review and\n       recalculate benefits payments to verify accuracy of payment in sample period.\n       OAIPQ will complete the portion of the RSI/DI Quality Review Case Analysis\n       form (SSA -2930) related to the desk review and MBR documentation.\n       Verification tables are used to guide the information collection process.\n   \xe2\x80\xa2   The desk reviewer contacts the beneficiary to verify existence and receipt of\n       payment. In most cases, contact may be made either by phone or in person for a\n       field review. The field interview is required to obtain certain types of verification,\n       such as earnings for the Annual Earning Testing or the relationship between\n       beneficiaries on the sampled Social Security Number.\n   \xe2\x80\xa2   If a field interview is required, the reviewer compares the information gathered\n       from the sampled beneficiary to the information obtained and documented in the\n       SSA-2930.\n   \xe2\x80\xa2   OAIPQ enters results regarding the accuracy of payments made in the sample\n       period into the RMAS. RMAS is a record of the types of deficiencies, the number\n       of occurrences, and the dollar impact.\n   \xe2\x80\xa2   If OAIPQ does not detect any discrepancies, a random sample of 10 percent of\n       the non-error cases is selected for Consistency Review (CR) by Office of Quality\n       Performance (OQP). Following CR, the Title II folder is returned to the PSC.\n       OQP\'s case file is maintained in the OAIPQ for the specified period of time.\n\n\n\n\nPerformance Indicator Audit: Improper Payments (A-15-07-17128)                            C-2\n\x0c   \xe2\x80\xa2   If OAIPQ does identify discrepancies, OAIPQ will document findings on the\n       Quality Review Feedback Report (SSA-93) and forwards the report to OQP for a\n       CR for all dollar errors over $5. Following the CR, the Title II folder and SSA-93\n       are returned to the PSC. Informational discrepancies, which do not affect the\n       payment under review, are also reported.\n   \xe2\x80\xa2   If the PSC does not agree with deficiency, Feedback Coordinator rebuts the\n       review findings either informally or through a potentially three-level process\n       culminating with the Regional Commissioner. Resolution may occur at any level.\n   \xe2\x80\xa2   If the PSC agrees with the deficiency, operating component performs corrective\n       action, indicating action on the SSA-93, and forwards the response to OAIPQ.\n   \xe2\x80\xa2   If OQP agrees with the rebuttal and RMAS is still open for the year, OQP\n       removes the discrepancy from the database so that it is not reported as an error.\n   \xe2\x80\xa2   The OAIPQ maintains a separate file for each case that is reviewed. These files\n       are maintained in the respective OAIPQ offices for approximately 18 months after\n       the close of RMAS for that year. Following the retention period, SSA-8538\n       (Quality Review Collateral Contact List/Record of Disclosure) is removed from\n       the file and retained for 55 years, and the rest of the case file is destroyed.\n   \xe2\x80\xa2   OQP extracts accuracy data from RMAS and applies case weights to sample\n       size and universe.\n   \xe2\x80\xa2   OQP calculates the accuracy rate (error dollars divided by the total dollars paid\n       for the fiscal year) for payments with overpayment and underpayment dollars and\n       reports the rates in the Stewardship report.\n   \xe2\x80\xa2   Indicator data is sent to Office of Disability and Income Security Program for\n       review of results in the Stewardship report and subsequently reports the annual\n       Government Performance and Results Act (GPRA) results.\n   \xe2\x80\xa2   The Office of Strategic Management publishes the reported GPRA results in the\n       annual Performance Accountability Report.\n\n\n\n\nPerformance Indicator Audit: Improper Payments (A-15-07-17128)                         C-3\n\x0c                                                                              Appendix D\n\nStatistical Methodology - Margin of Error Calculation\nPricewaterhouseCoopers reviewed this performance indicator during the Fiscal Year\n(FY) 2005 Financial Statement audit. During the FY 2006 Government Performance\nand Results Act (GPRA) audit, we found no significant changes to the sampling and\nestimation models used to calculate this performance indicator. As such, our previous\nassessment of the sampling and estimation models used by the Social Security\nAdministration (SSA) management in FY 2005 is consistent with the sampling and\nestimation models used in FY 2006. SSA uses a random group methodology to\ncalculate the Title II payment accuracy margin of error. Per SSA documentation the\nmargins of error methodology is described as follows:\n\n1. The sample data is randomly assigned to 10 groups of equal size with any remainder\n   assigned randomly, 1 to a group.\n2. The accuracy rate (number of cases without error divided by the total number of cases)\n   is computed independently for each of the 10 groups.\n3. The variance is computed by subtracting the accuracy rate for each group from the\n   accuracy rate established for the entire sample, squaring that difference, summing the\n   squared differences, and dividing by 90.\n\nThe description provided by SSA is a valid method (dependent random groups) for\nstandard error estimation.1 The standard error is calculated as the square root of the\nvariance. To calculate precision at the 95 percent confidence level, SSA multiplies the\nstandard error by 2.26 (the 97.5th percentile of the t-distribution with 9 degrees of\nfreedom). To calculate the 95 percent confidence intervals, SSA multiplies the standard\nerror by 2.26 and adds this number to the projected accuracy rate to get the upper\n95 percent confidence limit, and subtracts this number from the projected accuracy rate to\nget the lower 95 percent confidence limit. We found the method for calculating the margin\nof error valid, and matched approximately SSA\xe2\x80\x99s reported margin of errors and confidence\nintervals. An exact match with SSA\xe2\x80\x99s reported margin of errors and confidence intervals\nwas not possible due to differences in random seed number selection and group\nallocation.\n\n\n\n\n1\n See Sarndal, C.-E., B. Swensson, and J. Wretman (2003), Model Assisted Survey Sampling, Springer,\nSection 11.3.2.\n\n\nPerformance Indicator Audit: Improper Payments (A-15-07-17128)\n\x0c                                                                 Appendix E\nAgency Comments\n\n\n\n\nPerformance Indicator Audit: Improper Payments (A-15-07-17128)\n\x0c                                             SOCIAL SECURITY\n\nMEMORANDUM\n\nDate:      August 23, 2007                                                       Refer To: S1J-3\n\nTo:        Patrick P. O\'Carroll, Jr.\n           Inspector General\n\nFrom:      Larry W. Dye /s/\n\nSubject:   Office of the Inspector General (OIG) Draft Report, "Performance Indicator Audit: Improper\n           Payments" (A-15-07-17128) \xe2\x80\x93INFORMATION\n\n\n           We appreciate OIG\xe2\x80\x99s efforts in conducting this review. Our response to the recommendation is\n           attached.\n\n           Please let me know if we can be of further assistance. Staff inquiries may be directed to\n           Ms. Candace Skurnik, Director, Audit Management and Liaison Staff, at extension 54636.\n\n           Attachment:\n           SSA Response\n\n\n\n\n           Performance Indicator Audit: Improper Payments (A-15-07-17128)                               E-1\n\x0cCOMMENTS ON THE OFFICE OF THE INSPECTOR GENERAL (OIG) DRAFT\nREPORT "PERFORMANCE INDICATOR AUDIT: IMPROPER PAYMENTS"\n(A-15-07-17128)\n\n\nThank you for the opportunity to review and comment on the draft report. Our response to the\nspecific recommendation is provided below.\n\nRecommendation 1\n\nThe Social Security Administration should continue to restrict access to personnel who should\nnot have the ability to directly modify, create or delete the datasets used to calculate indicator\nresults.\n\nResponse\n\nWe agree. The report accurately notes that the finding regarding the internal control problem\nwas corrected in September 2006; therefore, no further action is necessary.\n\n\n\n\nPerformance Indicator Audit: Improper Payments (A-15-07-17128)                                       E-2\n\x0c               Overview of the Office of the Inspector General\nThe Office of the Inspector General (OIG) is comprised of our Office of Investigations (OI),\nOffice of Audit (OA), Office of the Chief Counsel to the Inspector General (OCCIG), and Office\nof Resource Management (ORM). To ensure compliance with policies and procedures, internal\ncontrols, and professional standards, we also have a comprehensive Professional Responsibility\nand Quality Assurance program.\n                                         Office of Audit\nOA conducts and/or supervises financial and performance audits of the Social Security\nAdministration\xe2\x80\x99s (SSA) programs and operations and makes recommendations to ensure\nprogram objectives are achieved effectively and efficiently. Financial audits assess whether\nSSA\xe2\x80\x99s financial statements fairly present SSA\xe2\x80\x99s financial position, results of operations, and cash\nflow. Performance audits review the economy, efficiency, and effectiveness of SSA\xe2\x80\x99s programs\nand operations. OA also conducts short-term management and program evaluations and projects\non issues of concern to SSA, Congress, and the general public.\n\n\n                                     Office of Investigations\nOI conducts and coordinates investigative activity related to fraud, waste, abuse, and\nmismanagement in SSA programs and operations. This includes wrongdoing by applicants,\nbeneficiaries, contractors, third parties, or SSA employees performing their official duties. This\noffice serves as OIG liaison to the Department of Justice on all matters relating to the\ninvestigations of SSA programs and personnel. OI also conducts joint investigations with other\nFederal, State, and local law enforcement agencies.\n\n\n                     Office of the Chief Counsel to the Inspector General\nOCCIG provides independent legal advice and counsel to the IG on various matters, including\nstatutes, regulations, legislation, and policy directives. OCCIG also advises the IG on\ninvestigative procedures and techniques, as well as on legal implications and conclusions to be\ndrawn from audit and investigative material. Finally, OCCIG administers the Civil Monetary\nPenalty program.\n                                Office of Resource Management\nORM supports OIG by providing information resource management and systems security. ORM\nalso coordinates OIG\xe2\x80\x99s budget, procurement, telecommunications, facilities, and human\nresources. In addition, ORM is the focal point for OIG\xe2\x80\x99s strategic planning function and the\ndevelopment and implementation of performance measures required by the Government\nPerformance and Results Act of 1993.\n\x0c'